Vulnerability Development: Re: dictionary

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: dictionary

From: dphull () ku edu
Date: Wed, 18 Sep 2002 09:13:33 -0500 (CDT)

On Tue, 17 Sep 2002, alex hajii wrote:

70% of passwords "break" under a good dictionary attack.


I read recently that using L0pthCrack on a 400Mhz PIII, it's possible to 
try every lowercase alpha combination of seven characters in 20 days time. 
I'm not sure how long this would take on a more modern processor, but this 
should be enough to make everyone require longer passwords using more than 
just lowercase alpha chars.

is anyone here familiar with a good dictionary database ?


Depending on the platform you're needing this for, consider L0pthCrack for 
Windows from @stake.com. Back in the old days we used to use Crack on *nix 
systems. If you google around, I'm sure you'll come up with plenty of 
dictionaries for crack.

Good luck.

-- 
Dave Hull
Senior Information Technology Analyst
The University of Kansas
voice: (785) 864-0403 || fax: (785) 864-0485

By Date By Thread

Current thread:

dictionary alex hajii (Sep 17)
- Re: dictionary dphull (Sep 18)
  - Re: dictionary Jose Nazario (Sep 18)
- Re: dictionary Mark Ellzey (Sep 18)
  - Re: dictionary ejb3 (Sep 18)
- Re: dictionary Paul Halliday (Sep 18)
  - OpenSSL Vulnerability and OpenSSH Eric Maiwald (Sep 20)